|
| PORTAIL | ANNUAIRE | ARTICLES | COMPARATEUR HÉBERGEURS | DEVIS | FORUMS | RÉDUCTEUR D'URL |
|
|
|
|
||||||
 |
|
|
LinkBack | Outils de la discussion |
11/10/2007, 18h21
|
#1 |
Messages: n/a
Hébergeur: |
Re: generic Domain(AD) connection
mayoza wrote;
> The following script returns the policy in the AD. Can you me with > one > thing, I dont want to supply the parameters like dc="?", I want the script > to > run under the AD that the user is currently logon to. > > --------------------- > Const MIN_IN_DAY = 1440 > Const SEC_IN_MIN = 60 > > Set objDomain = GetObject("WinNT://fabrikam") > Set objAdS = GetObject("LDAP://dc=fabrikam,dc=com") > > intMaxPwdAgeSeconds = objDomain.Get("MaxPasswordAge") > intMinPwdAgeSeconds = objDomain.Get("MinPasswordAge") > intLockOutObservationWindowSeconds = > objDomain.Get("LockoutObservationInterval") > intLockoutDurationSeconds = objDomain.Get("AutoUnlockInterval") > intMinPwdLength = objAds.Get("minPwdLength") > > intPwdHistoryLength = objAds.Get("pwdHistoryLength") > intPwdProperties = objAds.Get("pwdProperties") > intLockoutThreshold = objAds.Get("lockoutThreshold") > intMaxPwdAgeDays = _ > ((intMaxPwdAgeSeconds/SEC_IN_MIN)/MIN_IN_DAY) & " days" > intMinPwdAgeDays = _ > ((intMinPwdAgeSeconds/SEC_IN_MIN)/MIN_IN_DAY) & " days" > intLockOutObservationWindowMinutes = _ > (intLockOutObservationWindowSeconds/SEC_IN_MIN) & " minutes" > > If intLockoutDurationSeconds <> -1 Then > intLockoutDurationMinutes = _ > (intLockOutDurationSeconds/SEC_IN_MIN) & " minutes" > Else > intLockoutDurationMinutes = _ > "Administrator must manually unlock locked accounts" > End If > > WScript.Echo "maxPwdAge = " & intMaxPwdAgeDays > WScript.Echo "minPwdAge = " & intMinPwdAgeDays > WScript.Echo "minPwdLength = " & intMinPwdLength > WScript.Echo "pwdHistoryLength = " & intPwdHistoryLength > WScript.Echo "pwdProperties = " & intPwdProperties > WScript.Echo "lockOutThreshold = " & intLockoutThreshold > WScript.Echo "lockOutObservationWindow = " & > intLockOutObservationWindowMinutes > WScript.Echo "lockOutDuration = " & intLockoutDurationMinutes > --------- You can use the RootDSE object to retrieve the Distinguished Name of the domain the current user authenticated to. If you need the NetBIOS domain name for the WinNT provider as well, you can use the DomainShortName property of the ADSystemInfo object. For example: ========= Set objRootDSE = GetObject("LDAP://RootDSE") strDNSDomain = objRootDSE.Get("defaultNamingContext") Set objSysInfo = CreateObject("ADSystemInfo") strNTDomain = objSysInfo.domainShortName Set objAds = GetObject("LDAP://" & strDNSDomain) Set objDomain = GetObject("WinNT://" & strNTDomain) -- Richard Mueller Microsoft MVP Scripting and ADSI Hilltop Lab - http://www.rlmueller.net -- |
|
|
12/10/2007, 08h34
|
#2 |
|
Messages: n/a
Hébergeur: |
Re: generic Domain(AD) connection
Thanks a lot.
"Richard Mueller [MVP]" wrote: > mayoza wrote; > > > The following script returns the policy in the AD. Can you me with > > one > > thing, I dont want to supply the parameters like dc="?", I want the script > > to > > run under the AD that the user is currently logon to. > > > > --------------------- > > Const MIN_IN_DAY = 1440 > > Const SEC_IN_MIN = 60 > > > > Set objDomain = GetObject("WinNT://fabrikam") > > Set objAdS = GetObject("LDAP://dc=fabrikam,dc=com") > > > > intMaxPwdAgeSeconds = objDomain.Get("MaxPasswordAge") > > intMinPwdAgeSeconds = objDomain.Get("MinPasswordAge") > > intLockOutObservationWindowSeconds = > > objDomain.Get("LockoutObservationInterval") > > intLockoutDurationSeconds = objDomain.Get("AutoUnlockInterval") > > intMinPwdLength = objAds.Get("minPwdLength") > > > > intPwdHistoryLength = objAds.Get("pwdHistoryLength") > > intPwdProperties = objAds.Get("pwdProperties") > > intLockoutThreshold = objAds.Get("lockoutThreshold") > > intMaxPwdAgeDays = _ > > ((intMaxPwdAgeSeconds/SEC_IN_MIN)/MIN_IN_DAY) & " days" > > intMinPwdAgeDays = _ > > ((intMinPwdAgeSeconds/SEC_IN_MIN)/MIN_IN_DAY) & " days" > > intLockOutObservationWindowMinutes = _ > > (intLockOutObservationWindowSeconds/SEC_IN_MIN) & " minutes" > > > > If intLockoutDurationSeconds <> -1 Then > > intLockoutDurationMinutes = _ > > (intLockOutDurationSeconds/SEC_IN_MIN) & " minutes" > > Else > > intLockoutDurationMinutes = _ > > "Administrator must manually unlock locked accounts" > > End If > > > > WScript.Echo "maxPwdAge = " & intMaxPwdAgeDays > > WScript.Echo "minPwdAge = " & intMinPwdAgeDays > > WScript.Echo "minPwdLength = " & intMinPwdLength > > WScript.Echo "pwdHistoryLength = " & intPwdHistoryLength > > WScript.Echo "pwdProperties = " & intPwdProperties > > WScript.Echo "lockOutThreshold = " & intLockoutThreshold > > WScript.Echo "lockOutObservationWindow = " & > > intLockOutObservationWindowMinutes > > WScript.Echo "lockOutDuration = " & intLockoutDurationMinutes > > --------- > > You can use the RootDSE object to retrieve the Distinguished Name of the > domain the current user authenticated to. If you need the NetBIOS domain > name for the WinNT provider as well, you can use the DomainShortName > property of the ADSystemInfo object. For example: > ========= > Set objRootDSE = GetObject("LDAP://RootDSE") > strDNSDomain = objRootDSE.Get("defaultNamingContext") > > Set objSysInfo = CreateObject("ADSystemInfo") > strNTDomain = objSysInfo.domainShortName > > Set objAds = GetObject("LDAP://" & strDNSDomain) > Set objDomain = GetObject("WinNT://" & strNTDomain) > > -- > Richard Mueller > Microsoft MVP Scripting and ADSI > Hilltop Lab - http://www.rlmueller.net > -- > > > |
|
|
|
| Outils de la discussion | |
|
|
